I migrated all our users to bes 5.04 and I have since had a few reports from users that https websites are no longer working. After looking in the problem it appears to be a relatively common problem. I found these related KB

I have tried to enable "Allow untrusted servers Yes" on the mds https settings. But this has not resolved the problem.

The question I have with this problem is why is it occurring to begin with? I am getting this error when going to hotmail.com but not paypal.com.

Obviously I would prefer not to allow untrusted https connections but I would have hoped the bes would be smart enough to recognise a valid cert from an invalid cert.

Is there a better solution to this problem that I have might have overlooked? because the KB I posted do not resolve the problem. Even after applying the suggested fix i still get cert errors on the devices when trying to access hotmail.com

edit: just found this kb hxxp://btsc.webapps.blackberry.com/btsc/viewdocument.do?externalId=KB27716